Multifactor authentication, or MFA, is a security measure that requires anyone logging in to an account to navigate a multistep process to prove their identity. It’s sometimes referred to as two-factor authentication, but some systems allow for more than two steps — hence, multifactor. Enabling MFA improves the security of your web accounts and personal information by creating additional barriers for any bad actors trying to access your accounts.
When logging in to a service with MFA enabled, the first step is still entering your credentials: username/email and password/passphrase. The next step is to provide a different way of showing you’re you, using additional information or a separate device you’ve registered with the service.
Some MFA options:
- An extra personal identification number.
- The answer to an extra security question, such as “What’s your favorite pet’s name?”
- A code you need to enter that was texted to a mobile number or emailed to a different account.
- A biometric identifier such as facial recognition or a fingerprint.
- A unique number or approval request generated by an authenticator app (such as those from Microsoft, Google or Duo).
- A secure token, which is a separate piece of hardware (like a key fob that holds information) that verifies a person’s identity with a database or system.
When to enact MFA
At Metropolitan State University of Denver, MFA has been available for all student, faculty and staff NetIDs since 2020, with options to use an external email address, personal phone number or the Microsoft Authenticator app as your second authentication factor. But more than just your MSU Denver account can benefit from using MFA. It’s used widely on platforms that hold valuable financial or personal information, such as those of banks, financial institutions, online stores and social-media platforms. While not every service offers MFA, more organizations adopt it every day as they become more security-aware.
If you haven’t already, the MSU Denver Information Technology Services security team strongly encourages you to enable MFA wherever you can. It’s a simple but highly effective way to drastically improve the security of your accounts.
More information
For more information on MFA in the MSU Denver technology environment, including instructions for how to set up or change your MFA options, please see What Is Multi-Factor Authentication (MFA)? in the ITS Knowledgebase.
More on Cybersecurity Awareness Month
This is part of a series of articles for Cybersecurity Awareness Month. MSU Denver is proud to support this far-reaching online-safety awareness-and-education initiative, which is co-led by the National Cyber Security Alliance and the Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security. For more information about Cybersecurity Awareness Month and how to participate in a wide variety of activities, visit Stay Safe online. You can also follow and use the official hashtag #BeCyberSmart on social media throughout the month.